2025 Session
Coronado C
1:30 pm - 2 pm, Monday, October 27
Third Party Risk Management: Can We Ditch the Questionnaires?
About

Traditional third-party risk management (TPRM) relies heavily on lengthy security questionnaires—but are they truly improving security, or simply generating administrative burden for both vendors and security teams? As vendor ecosystems scale into the thousands, the conventional model of static assessments is proving outdated and ineffective. In this session, Chuck Kesler, CISO at Pendo, draws on his unique experience as both customer and vendor to share how his approach to TPRM has evolved—especially with the adoption of AI-driven tools that streamline processes and improve outcomes.

In this session you will:

  • Discover how to assess and monitor vendors more effectively using risk-tiering, AI tools, and embedded contract requirements
  • Learn how vendors can proactively reduce assessment fatigue, demonstrate security maturity, and build trust through transparency
  • Explore forward-looking ideas like automated vendor monitoring, GRC integrations, and improving the value of third-party security "credit scores"
InfoSec World